
Posts by Jussi Metso

Preview
Microsoft SharePoint Server 0-Day Vulnerability Actively Exploited in Attacks A critical zero-day spoofing vulnerability in Microsoft SharePoint Server is being actively exploited in the wild, Microsoft confirmed on April 14, 2026, as part of its monthly security update cycle.

There's a 0day in certain SharePoint versions cybersecuritynews.com/sharepoint-s...

4 hours ago 1 0 0 0
Preview
MITRE Launches New Framework To Combat Cyber Fraud: The Fight Fraud Framework™ (F3) The MITRE Corporation has unveiled a new initiative aimed at helping organizations better detect and prevent fraud. The framework, known as the Fight Fraud Framework (MITRE F3), serves as a curated kn...

New Framework for cybersecurity! :) www.linkedin.com/pulse/mitre-...

22 hours ago 0 0 0 0
Preview
Microsoft Confirms Recent Windows 11 Updates Break Push Button Reset Microsoft confirmed recent Windows 11 updates break the “Reset this PC” feature in March 2026 hotpatch notes.

cybersecuritynews.com/windows-11-u...

1 day ago 0 1 0 0
NVD - CVE-2026-34621

There's a fix available for Adobe Reader nvd.nist.gov/vuln/detail/...

Flaw affects both Windows and macOS:

Acrobat DC (≤ 26.001.21367) → patched in 26.001.21411
Acrobat Reader DC (≤ 26.001.21367) → patched in 26.001.21411
Acrobat 2024 (≤ 24.001.30356) → patched in newer platform-specific builds

2 days ago 0 0 0 0
Preview
NIST Overhauls DNS Security Guidance After 12 Years, Reflecting a Transformed Threat Landscape In a significant update to federal cybersecurity policy, the National Institute of Standards and Technology (NIST) has released a new version of its long-standing Domain Name System (DNS) security gui...

NIST's new DNS guidance.

NIST Overhauls DNS Security Guidance After 12 Years, Reflecting a Transformed Threat Landscape
www.linkedin.com/pulse/nist-o...

3 weeks ago 0 0 0 0
Preview
International Cyber Digest on X: "🚨‼️ BREAKING: The source code of Swedish e-government services from CGI's "E-plattform" has been leaked. A threat actor sent us samples. Our initial analysis shows the breached repositories originate from an internal CGI GitLab instance. The leak exposes architecture, https://t.co/RQnZRh3EAf" / X

Oh no

x.com/IntCyberDige...

1 month ago 0 1 0 0
Preview
Microsoft March 2026 Patch Tuesday Fixes 70+ Vulnerabilities, Including 2 Zero-Day Flaws Microsoft has released its March 2026 Patch Tuesday security updates, addressing 79 vulnerabilities across multiple products, including two publicly disclosed zero-day flaws and several high-severity ...

Microsoft March 2026 Patch Tuesday Fixes 70+ Vulnerabilities, Including 2 Zero-Day Flaws
www.linkedin.com/pulse/micros...

1 month ago 0 0 0 0

Chinese have capabilities... "three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude's capabilities to improve their own models."
thehackernews.com/2026/02/anth...

1 month ago 0 0 0 0
Preview
PayPal Data Breach Exposes SSNs and Business PII of Customers for Over Six Months PayPal has issued a formal data breach notification disclosing that a coding error in its PayPal Working Capital (PPWC) loan application exposed the personally identifiable information (PII) of an und...

PayPal data breach cybersecuritynews.com/paypal-data-...

1 month ago 2 0 0 0
Preview
Book review of The Azure Cloud Native Architecture Mapbook – 2nd Edition This book is for cloud architects, engineers, and technical decision-makers who design, build, or govern solutions on Azure.

New #bookreview www.jussimetso.com/index.php/20...

4 months ago 2 0 0 0
Security Update Guide - Microsoft Security Response Center

The Patch Tuesday msft.it/6018SZEg0

6 months ago 0 0 0 0
Preview
Hackers Use DFIR Tool 'Velociraptor' to Attack VMware ESXi and Windows Servers with Ransomware Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks.

cybersecuritynews.com/dfir-tool-ve...

6 months ago 0 0 0 0
Preview
Major gaming platforms hit by disruptions: unprecedented DDoS suspected Steam, Riot, and other major platforms are experiencing widespread service disruptions, likely due to massive DDoS attacks linked to the Aisuru botnet.

A couple of days ago I noticed that Steam did not work. I thought it might be DDoS and it was. share.google/LTKsVzkZxi2N...

6 months ago 0 0 0 0
Preview
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks Oracle releases an emergency fix for CVE-2025-61882 after Cl0p exploits critical EBS flaw.

thehackernews.com/2025/10/orac...

6 months ago 0 0 0 0
Preview
New EDR-Freeze tool uses Windows WER to suspend security software A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft's Windows Error Reporting (WER) system.

www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.blee...

6 months ago 0 0 0 0
Post image

Check out this Meetup with Microsoft Security User Group Finland: meetu.ps/e/PrJsH/11qZ...

6 months ago 0 0 0 0
Preview
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants Microsoft patched CVE-2025-55241 July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.

Fixed thehackernews.com/2025/09/micr...

6 months ago 0 0 0 0
Preview
Malware automated remediation in Defender for Storage Defender for Storage now supports different ways to handle malicious files. Now you can select the remediation option that fits your scenario. Built-in remediation capabilities Automated workflows …

New blog about automated malware remediation from storage account blobs www.jussimetso.com/index.php/20...

6 months ago 0 0 0 0
Preview
Hackers Abuse Microsoft Teams to Gain Remote Access on Windows With PowerShell-based Malware Cybercriminals are increasingly weaponizing Microsoft Teams, exploiting the platform's trusted role in corporate communications to deploy malware and seize control of victim systems.

cybersecuritynews.com/microsoft-te...

7 months ago 0 0 0 0
Preview
What is Microsoft Sentinel data lake “a cloud-native security data platform that centralizes logs and telemetry from across your environment into a scalable, cost-efficient data lake”

My Microsoft Sentinel data lake blog is out now www.jussimetso.com/index.php/20...

7 months ago 1 0 0 0
Post image

My first renewal 🔥🔥🔥

9 months ago 3 0 0 0
Preview
Modernizing your on-prem SIEM with Microsoft Sentinel – part 2 So you want to migrate your on-prem SIEM to Microsoft Sentinel? What kind of tasks have you thought of so far? Some planning maybe? Here are some tasks that I have in mind. These are just tasks, no ne…

The sequel with task lists for modernizing on-prem SIEM to Sentinel www.jussimetso.com/index.php/20...

9 months ago 1 0 0 0
Preview
Modernizing your on-prem SIEM with Microsoft Sentinel – part 1 Are you wondering about transferring your classic on-prem SIEM to a fancy and modernized cloud SIEM? Read my suggestions on the advances of Microsoft Sentinel

How to modernize your on-prem SIEM to Microsoft Sentinel aka Cloud SIEM www.jussimetso.com/index.php/20...

9 months ago 0 0 0 0
Preview
Defender for Cloud – Part 11: Data and AI Security The Data and AI security overview section displays your cloud data and AI estate for each cloud. It includes all data and AI resources, categorized into storage assets, managed databases, hosted da…

Last blog post in my Defender for Cloud series so far. The end has come.

Topic this time is Data and AI Security Dashboard.

www.jussimetso.com/index.php/20...

10 months ago 0 0 0 0
Post image

Old but still valid.

10 months ago 2 0 0 0
Preview
Defender for Cloud – Part 10.5: CWP Advanced protection Advanced Threat Protection provides a new layer of security, which enables customers to detect and respond to potential threats as they occur by providing security alerts on anomalous activities.

New bl0g!

Defender for Cloud - Advanced protection is kind of a LARGE area to cover, but I tried.

Advanced Threat Protection provides a new layer of security, which enables customers to detect and respond to potential threats as they occur by providing security alerts on anomalous activities.

11 months ago 1 0 0 0
Preview
Defender for Cloud – Part 10: Cloud Workload protection (CWP) Cloud Workload Protection in Microsoft Defender for Cloud helps protect various cloud resources such as virtual machines, containers, databases, and applications from security threats, vulnerabilit…

Workload Protection in Microsoft Defender for Cloud refers to cloud-native security posture management (CSPM) and threat protection for workloads running in Azure, hybrid, and multi-cloud environments (including AWS, GCP, GitHub, Azure DevOps and others).

11 months ago 1 0 0 0
Preview
Defender for Cloud – Part 9: Regulatory compliance Microsoft Defender for Cloud provides Regulatory Compliance capabilities to help organizations assess and maintain compliance with industry standards, frameworks, and regulatory requirements. It co…

Blog: Regulatory compliance in Defender for Cloud. If you need to check how your Azure, AWS, GCP resources comply against industry standards you can use this feature. www.jussimetso.com/index.php/20...

1 year ago 2 0 0 0
Video

OpenAI's #Sora became available in Europe today. 🔥 If you have a #ChatGPT Plus or Pro subscription you can create your own videos with it. Naturally, I needed to test it by creating some Bernese mountain dog videos! 🥰

#openAI #aivideo #bernesemountaindog #ai #texttovideo

1 year ago 3 1 0 0
Preview
New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems Auto-Color Linux malware targets governments and universities, using stealth tactics and encryption to evade detection and maintain persistence.

"Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized software," security researcher Alex Armstrong."

1 year ago 0 0 0 0